Lucene search
K
DeepseaelectronicsDse855 Firmware

6 matches found

CVE
CVE
added 2024/06/13 7:40 p.m.75 views

CVE-2024-5947

The CVE-2024-5947 issue affects Deep Sea Electronics DSE855. It arises from a missing authentication flow in the web UI that allows access to the configuration backup (Backup.bin), enabling network-adjacent attackers to disclose stored credentials. The flaw is exploitable without authentication v...

6.5CVSS6.1AI score0.02418EPSS
CVE
CVE
added 2024/06/13 7:40 p.m.58 views

CVE-2024-5949

CVE-2024-5949 affects Deep Sea Electronics DSE855 devices. The flaw is in the handling of multipart boundaries, caused by a logic error that can trigger an infinite loop, enabling network-adjacent attackers to perform a denial-of-service. Authentication is not required. The available connected so...

6.5CVSS4.6AI score0.0058EPSS
CVE
CVE
added 2024/06/13 7:40 p.m.58 views

CVE-2024-5952

CVE-2024-5952 affects Deep Sea Electronics DSE855 devices. The flaw is in the web-based UI where authentication is not required, allowing network-adjacent attackers to bypass auth and trigger a denial-of-service condition. Documented by ZDI (ZDI-24-676) and referenced in NVD/NVD-derived entries; ...

6.5CVSS4.8AI score0.00603EPSS
CVE
CVE
added 2024/06/13 7:40 p.m.53 views

CVE-2024-5948

CVE-2024-5948 affects the Deep Sea Electronics DSE855 device. The vulnerability is a multipart boundary handling issue where the length of user-supplied data is not properly validated before copying to a fixed-length stack-based buffer, causing a stack-based buffer overflow that can lead to remot...

8.8CVSS9.1AI score0.01108EPSS
CVE
CVE
added 2024/06/13 7:40 p.m.53 views

CVE-2024-5951

CVE-2024-5951 affects Deep Sea Electronics DSE855 devices. The flaw occurs in the web-based UI where there is a lack of authentication before granting access to functions, enabling network-adjacent attackers to trigger a denial-of-service by abusing authenticated-access gaps. Documents consistent...

7.1CVSS6.7AI score0.00778EPSS
CVE
CVE
added 2024/06/13 7:40 p.m.49 views

CVE-2024-5950

CVE-2024-5950 affects Deep Sea Electronics DSE855 devices. The root cause is improper validation of the length of user-supplied data in multipart form handling, copying into a fixed-length stack-based buffer, leading to a stack-based buffer overflow and remote code execution. Exploitation is poss...

8.8CVSS9.1AI score0.01118EPSS